Software Integrity

5 tips to get started in the information security industry

Step 1: Become your own champion

If you have access to a local technology or engineering association at your school or in your community, get involved. Many state and private universities offer online courses geared towards these fields, and some even provide more technical tracks for those with added experience.

Once you’ve found a community that provides you with the resources you need, assess your existing experience based on what you learn over the first few classes. That way, you can keep track of your progress for the duration of the course. Despite how challenging the content may be, remember to be your own champion. It will help keep you invested in the journey, while also serving as your ultimate support system for when you work with teams later on in your career. The most successful cyber security programs are founded with the right team of people who act as champions for one another and understand their personal strengths and ways to improve.

If you don’t have a local group to help you get started, take a look into these organizations:

Girls Who Code help mentor the women engineers of the next generation.

Code.org is a non-profit dedicated to expanding participation in computer science for a variety of expertise levels and fields.

Step 2: Attend a conference

Cyber security is a constantly changing field where subject matter experts love to get together to share their latest thoughts on how to solve new and evolving problems within the industry. On any given day, there is likely an information security conference happening somewhere in the world. Take advantage of this opportunity—listen to speaker, pick up collateral (flyers, magazines, etc.), sign up for mailing lists, watch product demos, and always ask questions! Bring your own collateral (i.e., business cards) to exchange with the people you meet. It can be helpful to keep a running list of the companies you find to be particularly informative and interesting and will also be useful in steps three and four below. Find one near you or make a fun trip out of it by traveling to a part of the world that you’ve always wanted to visit.

Budget Tip: If you aren’t already working for an established company that is attending the conference, tickets can get pricey. However, there are sometimes opportunities to volunteer with the host organization (either as someone staffing a session or handling registration) which could mean discounted or complimentary entry to the event. Also, some conference offer expo-only free or discounted passes, which can be a great low-cost way to participate in the security conference without breaking your bank.

Step 3: Find a mentor…and potentially a new employer

Maybe while you were at the conference, or continuing your education online, you came across some people with jobs you’d be interested in having one day, or companies you thought were aiming to solve some particularly interesting problems. Now that you’re connected with some of these folks on LinkedIn or Twitter, consider messaging them to request an informational interview. While there are all sorts of different people in cyber security, if you send enough messages, you’re bound to find a few who are willing to share their personal story of how and why they got into this field. And who knows, maybe some of them will even be looking to hire! Either way, your chances of finding a mentor are far greater by simply starting the conversation. Once you’ve found someone you trust, start asking questions about their successes, the lessons they have learned, and the ways they hope to improve.

Step 4: Consider pursuing a certification

If you’re serious about wanting to understand the basics of cyber security, consider signing up for a course that will allow you to achieve security certification, such as ISC2’s CISSP. You’ll gain knowledge through your studies, and will also have several letters to put after your name on a resume when you start applying for those cyber security roles.

Step 5: Refine your skills on the job

Cyber security is a hot field. In some regions there are more positions available than candidates with the right skills to fit those positions. Some cyber security hiring managers are shifting their focus from looking for candidates who already have all the qualifications and expertise, to applicants with a strong background in development or IT who are able and willing to learn on the job. Consider applying for jobs in the field even if you don’t necessarily meet all of the qualifications up front or on paper. Chances are, other candidates won’t either. Highlight the skills and experience that you have which could be related or transferable, and in the interview process, it’s important to emphasize and demonstrate your passion for the field and capability to be brought up to speed quickly.

The mere fact that awareness of the cyber security field is on the rise is a success. We dedicate a month each year to raising awareness, and the efforts are paying off. The next step, however, is to take that awareness and turn it into a more in-depth education. Combine that curiosity and these tips to foster your professional growth as a cyber security expert.